Jonas Smedegaard wrote:

> Exactly: Packages poorly _maintained_ should be removed.  E.g. npm!
> My point in previous post was that focusing only on the workload for 
> _initial_ packaging masks the actual real workload, which is being 
> discussed here!
> - Jonas

I agree. If it is too complicated to maintain nodejs and npm packages, they 
should be removed for security reasons. There could be a vulnerability in the 
nodejs web server.

Serious professionals will have to install tar balls from the official web 
pages.

Thierry Vilmart


-- 
Pkg-javascript-devel mailing list
Pkg-javascript-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel

Reply via email to